* Posts by admiraljkb

536 publicly visible posts • joined 15 Oct 2010


Debugging source is even harder when you can't stop laughing at it


> "If we reach here then the ladies bits are pointing skyward"

Not confirming I've ever done this(cough), BUT if I were to put a comment like that in, it would look like this:

"If we reach here then things have gone Tango Uniform"

If the error is particularly bad:

"If we reach here then things are Foxtrot Uniform"

The perils of non-disclosure? China 'cloned and used' NSA zero-day exploit for years before it was made public


Re: Offence vs Defence

The NSA is a strange beast. It's seems that the secretive/offensive half of the shop is busy finding exploits to stockpile and use, then the other public half of the shop is assigned to find exploits and help defend against the other half of the shop.

I have to agree that it's unethical to find exploits and not disclose though. You have to assume when you find something, that multiple other people/organizations have also discovered it. Consequently it is a threat to National security globally. As in a threat to all Nations...

Black Helicopters

Re: hello pot, I'd like you to meet kettle and Microsoft

>> Thank (deity of your choice) the NSA doesn't have virologist or genetic engineers,

That we _know_ of. DNA is really just more code to be hacked on. I would put a joke icon on this, but really not sure if it might be true.

Engineers blame 'intentionally conservative' test parameters for premature end to Space Launch System hotfire


Re: Well That Doesn't Sound Too Bad

>> When you start from scratch, you always - always - encounter all the undocumented exceptions to the rule and oddities that made the original code more complex than it appeared to require. I'm not saying a redesign isn't a good idea, but it's going to take longer than you've estimated, guaranteed.

Yep. Also been around the block for 30+ years. I HATE starting over from scratch, but at a certain point, it's time. And strangely enough, when it's time, if you've been around long enough you seem to know. Don't like it, but you know. This is versus exuberant pups who want to rebuild everything just because X language is so much cooler. :) Nothing worse than dealing with barely doc'd or undoc'd spaghetti code that over the years just kept getting tacked onto and ultimately used inconsistently with how it was originally architected. Then there are the stupid things in the old program that you find out WHY they were there on your first run. :)


Re: Well That Doesn't Sound Too Bad

>>Doesn't really work that way with rocket engines.

The engines regardless of what they're using for fuel need engineers experienced with the design and building of same. NASA hasn't kept their core competency for engine designs, and let that go decades ago. Hence trying to use old engines thinking it was the safe route, but maybe without the full expertise needed to actually re-use the old engines in a new rocket design


quick software workaround for the sensor, and put it back in the air without disclosing anything at all? That sounds like the (modern) Boeing way, sadly.


Re: Well That Doesn't Sound Too Bad

> even had the engines 'gifted' to them so they didn't have to develop them

That is actually a large part of the problem from what I can figure out. This program is trying to take hand me downs designed and built by engineers that are dead or long retired now and having to reverse engineer them to fit them in. Many times this is much harder than just going pure greenfield and do something new. They HAVE to be ultra conservative on tests, because many of the parts just aren't replaceable currently. The consequence of that is later when failures happen with the old space shuttle components (again) with live humans aboard (again).

Figured out a while back as a software engineer that legacy code will eventually hit a point where F it, it's time to create something new as it takes too much time to maintain that mass of spaghetti.. Also found similar on my house, where after starting "renovations" it turned into a rebuild, and would have been cheaper, easier and FASTER to bulldoze and build new.

Linux kernel's Kroah-Hartman: We're not struggling to get new coders, it's code review that's the bottleneck


"Personally I preferred getting it right, then releasing it."

Regardless of methodology used, Software doesn't release, it escapes as perfect code doesn't exist. Agile dev done properly means less flaws releasing, and much faster fixes when flaws are found. (It is that "done properly" bit that's the kicker though)

The other thing I've noticed is many big bang release shops do the same thing on fixing issues. They get to it when management makes it a priority, and not a minute before.

Official: Microsoft will take an axe to Skype for Business Online. Teams is your new normal


Re: Out of the frying pan into the fire

New features alert that happened sometime in the last couple of months - the browser version now does conference calls seemingly just fine now (including video) if running Chromium based browser. I didn't test screen share though.

I agree with the message traffic drop. Our message traffic is still non-existent on Teams after 6 months compared to Slack which had all sorts of traffic going. Teams doesn't seem to foster team work. :)

Core blimey... When is an AMD CPU core not a CPU core? It's now up to a jury of 12 to decide


Re: Ryzen

@9Rune5 - They ended up with some QC issues early with the 486DX line. To add insult to injury - the "487" was actually a full 486DX that pretty much took over.

For the Threadrippers, they have their own controllers for current gen. The new Gen Ryzens separate out what is effectively the Northbridge (that AMD integrated into the core cpu with K8, and Intel did with Nehalem) into a separate unit and shared across the compute units. It makes sense with ever expanding core counts, but we'll have to see what it does in real life. Since it's on die, it's faster than an external northbridge, and reduces complexity of the cores, but could introduce some extra latency for RAM, and I/O.

Meet TLBleed: A crypto-key-leaking CPU attack that Intel reckons we shouldn't worry about


Re: No bold type text for AMD being affected as well,uh?


We'll see. Using AI to exploit CPU bugs is bound to turn up all sorts of stuff. Interesting times ahead.


Re: No bold type text for AMD being affected as well,uh?


The quote in the article is "Gras also believes AMD's hardware threading technology in its latest Zen processors – Ryzen, Threadripper, and Epyc – are at risk from TLBleed, "

There is no confirmation (yet) AMD is affected by this. Currently there is a reasonably educated suspicion that it *probably* is, and that is because AMD uses SMT which is where the vulnerability crept in for Intel. No testing has been made public yet, and probably isn't completed yet. It is quite possible that Intel and AMD's SMT implementations are sufficiently different that AMD isn't impacted. Until the testing is completed, we have to wait until there is something concrete to discuss. Right now it is a big old MAYBE. :)

Microsoft Office 365 and Azure Active Directory go TITSUP*



Hosted is someone else's computer - and o365 is totally hosted, with little in the way of resiliency.

Strictly speaking, Cloud is quite dynamic/automated and much more resilient and distributed. However... Marketing weenies will call everything on the internet "cloud" to keep a marketing hypewagon of buzzwords rolling. So at this point, the term cloud is virtually meaningless...



o365 isn't actually cloud. It's hosted. *IF* if was actually cloud, it would be more resilient and less susceptible to the issues that keep downing it. :)

Sidenote - In a meeting with MS o365 and Azure Sales and Tech, the o365 drone said "cloud", and I corrected him, with the Azure guys nodding with me. :) They weren't happy about the o365 guys throwing the word "cloud" about when they are a hosted service...

IT Angle

Re: Why???

@Lee D

"But it's "lazy IT". Let's just pay a monthly subscription, then that's us sorted because "it's Microsoft". "

That 2nd sentence is an MBA laden CxO talking, not rank and file "proper" IT. IT much of the time doesn't make its own budgets or decisions on stuff like this. A couple of dinners with some MS sales guys at the CxO levels, and this sort of thing gets pushed through over IT's objections. (been there, got the t-shirt). I would say it's probably more Lazy management that's trying to trim both the personnel and equipment budgets while simultaneously getting nice meals...

We need to go deeper: Meltdown and Spectre flaws will force security further down the stack


Re: Which Hardware?

@lsces -

the 10-30% slowdown is related to the fix for the "Meltdown" variant, which is Intel only, and the worst of it (ala when you lose ~30% performance) is related to storage IO. The Spectre fix slowdowns so far aren't significant.

Farewell, Android Pay. We hardly tapped you


Re: What could possibly...?

"Physical debit card for debits"

Umm, if you are security minded, ditch the debit cards. Don't use anything directly tied to your bank account. Credit cards are an excellent security buffer zone between crims and your money.


"And as for Samsung Pay, why the hell would I want to use magnetic payment? No thanks... Even most shops in the US now accept either contactless or chip..."

In the US - Home Depot, Lowes, and most gas stations are still swipe unfortunately along with many others. Lots of shops with chip readers still not enabled even when they have them. In this current interim period - Samsung Pay is a nice way to secure the card from a skimmer since what's transmitted to the magstripe reader isn't usable a second time..

AMD comes out swinging, says: We're the Buster Douglas of the tech industry!


Re: SGX -- More than speed

AMD has Secure Memory Encryption and Secure Encrypted Virtualization which encrypts the RAM and keeps processes and VM's completely separate respectively. It is also the path of least resistance, and for SEV doesn't require code changes to anything other than the Hyper-visor which is happening presently. To implement SME in software doesn't require any heavy lifting either.

SGX appears to be the equivalent of AMD's long deprecated 3DNow! instructions (or probably closer to Intel's Itanium) in terms of being setup for non-adoption and deprecation. I don't see it surviving due to requiring too much work to implement. Currently Intel's initial attempt is borked in silicon and still being worked out. Cascade Creek is the earliest release arch now for SGX to work sometime in 2018, To date, I'm not aware of any SGX apps in the wild, given no CPU support. In this case, Intel will likely do what they did with AMD's AMD64 and NX instructions and adopt SME/SEV from AMD, and deprecate SGX like they did with IA64. They're cross-licensed on tech after all since both are using several patents from each other.


"I wouldn't exactly call Core 2 (2017) to the current i7 a "decade of decline"."

Remember that Core/Core2 was simply a souped up, decade old P6 (PentiumPro) architecture which spawned from a black ops project that saved Intel's bacon from the P4/Netburst debacle. Meanwhile work on the more modern (AMD K8 like) Nehalem arch was occurring, which is the lineage of the current Intel chips. Since Nehalem and it's tock followup Westmere, the performance ticks up, haven't been spectacular. Westmere roughly coincides with AMD's architectural equivalent of the Netburst debacle - BULLDOZER....

So yeah, Intel (so far) hasn't made any huge improvements since the MagnyCours era on the AMD side of things. :) Having competition again is good, and drives higher compute densities in the datacenter so I don't have to pay for more racks on the floor and bigger cages to house them. :)

Samsung shows off Linux desktops on Galaxy smartmobes


Re: I hope by Linux they don't mean Tizen

It is effectively running a chroot environment. Android is already running on top of Linux. This just presents a different user environment.


FYI - The DeX dock has a fan on it to prevent overheating the docked phone. I got one to just play around with. Turns out, for normal (non-dev) usage, it can already replace a laptop in an office setting, even without Linux mode. BUT - undocking closes apps, so re-docking doesn't go back where you started. That gets annoying when you redock after taking the phone out for a quick coffee run or bio-break. As a result, I'm back to the laptop until that gets fixed.

Help desk declared code PEBCAK and therefore refused to help!


Replaced the stick actuator (pilot), operation check tested normal.

LOL. I've done similar.

Had a new employee that kept having problems and turning in tickets. A new ticket came in midday Friday, and by the time I got to their desk on Monday morning, there was a different person sitting there. Verified everything was working, and closed the ticket with "Replaced user, Tests OK.". Waited on an angry call from the help desk manager who'd I'd had discussions with before over resolution comments, but apparently said user had ticked her off as well. :)

Beaten passenger, check. Dead giant rabbit, check. Now United loses cockpit door codes


Re: I rather suspect

"KeyWord Theatre."

Hmmm, I wonder what would happen if you walked up to the door and just said "Alexa, open the door" ?


Re: Security Theater

"Realistically we're in far more danger from a bent laptop battery in the baggage compartment."

or just in the passenger area via a bad battery in a phone, tablet, laptop, baby toy, etc etc etc...


Re: try 1234

don't tell anyone, but the new keycode sequence is 4567 (keep it under your hat)

Yahoo!'s Marissa! will! eject! with! $186m!.. $185m!.. $184m!..


Re: Rinse, Repeat

"...and get another nice paying gig ..."

except she no longer needs another gig, EVER. As long as she can keep her living expenses reasonable (actually even unreasonable, just not NFL player crazy spending), she and her family are set for life, all the way to her grandkids' lives, and possibly beyond that with nobody "working" again. Hats off to her for accomplishing that trick while putting the last torpedoes into the USS Yahoo! of which she was captain.

Android's February fix-fest flings 58 patches


Re: "Nexus owners are sweet."

To keep them relevant, I had to update both my original Nexus7 and Nexus7 2013 to the current LineageOS 14.1 version since Google EoS'd them ages ago, but at least I have Android 7.1.2 now. Installing 3rd party firmware isn't for everyone though.

(I'm not sure why I still hold onto my original Nexus7 since I replaced it a couple of years ago. Well, actually I do know, I'm a hardware hoarder, but am seeking treatment for it. :) )


"My Moto G4 ( expected to get Android 7 in Q4 2016 I believe ) has a patch level of July 2016."

I feel your pain. Last unofficial word, is that it got pushed from mid-Dec, to mid-Jan, to Febs-whenever, and now out to March-whatevs. Really getting annoyed by the repeated slips and no security updates either in the meantime. Prior generations of Moto G series got updated pretty quickly.

Intel Atom chips have been dying for at least 18 months – only now is truth coming to light


Re: Corporate weasels just can't learn

@Atilla_the_bun - The antenna fiasco as I recall was that the proto case (a mod'd iPhone 3 case) they were testing in the field before release, was NOT the case that went into production. In the pursuit of external design secrecy ahead of the big reveal, they ended up using their customers for alpha testing of the antenna in the final case.


"...weren't Intel phasing out Atom? What is Intel going to do for you? Even if they do have a replacement, those embedded boards with the CPU soldered in... they just increased vendor costs."

This is (mostly) the embedded space, so Intel has contract obligations to continue supply these for as long as the customer contract specifies. :) So Cisco/Dell/Synology/etc are probably taken care of. Smaller end users though, that could get interesting. For the second part - yeah, its OUCH time for Intel. Whatever profits they got off these incredibly low margin and custom chips will get wiped out and then some.

re the phase out and this is somewhat unrelated to the current issue - unless I misunderstood, Intel is going to use their normal x86 Architecture du jour as the base of all the new low power x86 stuff rather than continue to have the expensive one-off that Atom was.


Re: sanmigueelbeer

"It might also explain why Intel quit making the Atom line."

You might think that, but these were special purpose Atom based SoC versus regular garden variety Atom's. Trust me, the regular Atom line has plenty going against it, mainly the age of the architecture. There was only so far Intel could tweak on it before the engineering costs on an outdated arch (unrelated to their primary bread/butter x86 cpu lines) outweighed the rewards/profit margins.

If USA wants a say in 5G, Cisco HAS to buy Ericsson


Re: That cat...

I was thinking it looks like a "Briitsh Blue" laying on the US flag. Decidedly chuckle worthy. Hopefully The Register's staff put that in on purpose as an in plain sight hidden joke? :)


Re: Disappointing article

agreeing with JetSetJim for his reasons, but will add what might be a bigger one: Ericsson has pretty big corporate operations already in the US. They may not be a US company, but they employ a lot of US citizens already.


Re: What if Huawei builds an American factory?

"OK, fridges are less sensitive to arguments about the security of national infrastructure..."

hehe, USED to be less sensitive. How about the "Internet/IoT" enabled ones? :) Yeah, that starts to get interesting.


Re: But...

"Made in Mexico"? No. A couple of years ago, the final assembly was in Mexico which then gets it a legal "Made In" badge for NAFTA purposes, and a lot of that assembly was in Foxconn facilities... I'm not sure about the current manufacturing situation.

HBO slaps takedown demand on 13-year-old girl's painting because it used 'Winter is coming'


Re: Fimbulwinter FTW

"I interpret the existence of the DMCA and copyright lawyers as a sign of coming Ragnarök"

Ugh, I think you're right. So Winter IS Coming!


Fimbulwinter FTW

Hmmm, for "art/entertainment/poetry/story" purposes, I interpret the phrase "Winter is coming" as referencing the "end of the world/Ragnarök" Fimbulwinter from Norse mythology. There is a REASON its a common phrase for literature/arts and such, even if the majority of the population doesn't understand the significance. Not sure how HBO can issue a takedown on that with a straight face, but I assume their lawyers aren't well versed outside of law classes?

AMD virty encryption not quite there, claim boffins


Re: Wait...

They did some real world testing. But basically you've got it - under normal circumstances with SEV you are much better off. The VM(s) are shielded against other VM(s) on the same host with the proviso that the underlying host has NOT been compromised. Of course, if the underlying host is compromised, you're bantha poodoo anyway, so...

Google turns on free public NTP servers that SMEAR TIME


Re: Smearing

"Second point - ..."

So was that on purpose, or just accidental? Either way, pretty funny, and "its about time" someone made that crack.

CloudFlare warns of another massive botnet, er, flaring up


Re: Usual White House clownshow

sar chasm, thats near the Grand Canyon right?

US election pollsters weren't (very) wrong – statistically speaking


Re: You illustrate this perfectly!

@Tikimon - dude, I really wasn't trying to single out anyone. Yes, I called out Trump first since a) pollsters said he'd lose b) I could make the "red state" observation, and c) I don't live in a Blue state to make a direct observation on people who were reluctant to make their choice known. I could only observe those around me in a red state who were extremely reluctant to declare anything, and who had not been so reluctant in prior years.

I suspect since pollsters said their numbers were underreported on Clinton as well in several areas, that many voters that selected Clinton were equally reluctant/ashamed to do so. Hence me postulating the theory of maybe pollsters just ask people who they will NOT vote for. :) Sorry if I had some clarity issues in previous post.


Elector allocations

its done that way to make sure that the large pop states (TX, NY, CA, FL, etc) can't run roughshod over the rest of the country. Even so, it could be argued that with 55 votes, CA in particular may already have too much influence in a Presidential election, particularly with the statewide winner taking all the State's electoral votes.


Well, before the election, I knew very few people (in a heavily "red" state) that would fess up to wanting Trump. Based on that observation, I suspected they were probably too ashamed to admit that to an anonymous pollster and possibly to themselves. I figured *if* Trump was within 10-15% of Hillary poll-wise, he'd probably win, and he was within 10% at the final day... Not a terribly scientific observation, but it turned out a good guesstimate. Somehow have to factor in the psychology of people who vote not FOR a candidate, but AGAINST a candidate. (which seems to be most of the votes submitted this cycle were either AGAINST Hillary OR Trump, but not actually FOR either and might not admit to voting for either) . Maybe they need to change the question - like "which candidate(s) would you NOT vote for?", and not even worry about the "who are you voting for?" questions.

Linus Torvalds finds 163 reasons to wait a week for a new Linux


Re: Take Christmas and the new year off, please.

"I've had a few long lunches* and come back to put in a few really productive hours at the office (or so I thought at the time) only to come in the next morning and look at the code and think wha???"

I've had something similar... Had an accident during a weekend where my hand got sliced open and had to be sutured, the obligatory shot of morphine, then some oxy-codone for afterwards... I felt FINE (morethanfine) the following day as I was still taking pain pills, and since I thought I felt "normal", just WFH'd and got some code knocked out. Unfortunately/fortunately I didn't have anyone to code review, so I left it for the following day. Yeah... next day rolls around, and I'm NOT on pain pills... Looking at the code... WTF, who the HELL WROTE THIS? Uhhh, It was indeed me, but I didn't actually recognize "this brilliant code I wrote yesterday". Thankfully I didn't check it in...

the Beer for obvious reasons... Don't drink and code kids! :)

Team Trump snubs Big Internet oligarchs


Back in the "olden days" companies would give campaign contributions to both parties, and just kinda stand clear otherwise in order to not make enemies with whomever was elected. Taking sides is a risky business that puts the business at risk. I suspect the various Boards of Directors will put a muzzle on high ranking execs from here on out.

Forget 'shadow IT' – it's 'self-starting IT' now


Re: Shared IT

"Might give pause for thought about who they are sharing with and also those "high enough up" to ignore policy wouldn't want to share, they want their own ;)"

Yep, seen that, and as a result, NOT a fan for outsourcing anything other than janitorial services. After having gotten a contract QA engineer up to speed, they were re-assigned to a DIRECT competitor. I was LIVID, and objected to the higher ups. I don't know if it did any good, but the QA Engineer was reassigned back to us a quarter or two later. You really have no idea on contract stuff WHERE your trade secrets go ultimately, and there is no real way to protect yourself and still have the outsourced resource do their job.


Re: This isn't "self starting" ...

"... this is going against corporate policy and procedure. In my world, such loose cannons are terminated without so much as a by-your-leave."

Agreed, but my experiences with these type of folks, is they are smooth talking, fast walking snake oil sales types that come in schmooze/dazzle the board with what they say they can do for their dept, and get approval to pull their whole dept off the grid from normal IT.

Oddly enough they actually do have the talent necessary to do it (at first), some brilliant engineers who can handle it, and it works great for about a year, maybe TWO. Their brilliant/but short handed staff which had been working just fine? They've had attrition, and the replacements aren't as capable as their predecessors, OR their predecessors didn't document themselves well enough for a replacement to step in and have a snowball's chance in hell at success, and they leave. Starting in on year 3 or 4? Its falling apart or has collapsed completely, the department is in a lot of trouble, and begging corporate IT to help out, and bad mouthing IT to the board for not being team players... Effectively a Kobyashi Maru scenario for Corporate IT... (I've also seen where it went wrong from the get go, but the end result is the same, somehow the rogue's failure was still IT's fault)

Moral of the story, hire/retain ONE smooth talking snake oil type in corporate IT to politically counter the rogue in whatever dept that is pitching a breakaway movement.

Magnetic, heat scanners to catch Tour de France electric motor cheats


Re: UCI can "fix" this by removing/reducing minimum bike weight rule...

> "Especially considering that they have no minimum weight limit on MTB's"

Good point, given the amount of abuse a MTB takes, you would figure UCI would have a minimum weight there too.